package indv.Cning.cfengsecuritydemo.controller;

import indv.Cning.cfengsecuritydemo.domain.Resp;
import indv.Cning.cfengsecuritydemo.domain.UserDto;
import indv.Cning.cfengsecuritydemo.entity.TAuthority;
import indv.Cning.cfengsecuritydemo.entity.TRole;
import indv.Cning.cfengsecuritydemo.entity.Tuser;
import indv.Cning.cfengsecuritydemo.repository.TAuthorityRepository;
import indv.Cning.cfengsecuritydemo.repository.TRoleRepository;
import indv.Cning.cfengsecuritydemo.repository.TuserRepository;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.bcrypt.BCrypt;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;

import javax.management.relation.Role;
import javax.validation.Valid;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/**
 * @author Cfeng
 * @date 2022/7/21
 */

@RestController
@RequestMapping("/toLogin")
@RequiredArgsConstructor
public class LoginController {

    private final TuserRepository tuserRepository;

    private final TRoleRepository tRoleRepository;

    private final TAuthorityRepository tAuthorityRepository;
    //spring security中封装的密码加密类，shiro手工封装基于提供的SimpleHash
    private final PasswordEncoder passwordEncoder;

    @GetMapping("/login")
    public ModelAndView login() {
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("login");
        return modelAndView;
    }

    @PostMapping("/register")
    public Resp<Void> register(@RequestBody @Valid UserDto userDto) {
        Tuser tuser = new Tuser().setUserName(userDto.getUserName())//这里要进行默认加密，{id前缀} + 密码指定加密方式
                .setUserPwd(BCrypt.hashpw(userDto.getUserPwd(),BCrypt.gensalt())); //密码使用BCrypt盐加密
        tuserRepository.save(tuser);
        return Resp.ok(null);
    }

    @GetMapping("/hello")
    public Resp<String> greetString() {
        //shiro中直接注解方便,认证信息，代表的就是当前的用户，getName获得用户名
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        //============
//        Tuser usrA= tuserRepository.findByUserName("admin");
//        Tuser usrB = tuserRepository.findByUserName("Cfeng");
//        TRole adRole = tRoleRepository.findById(1).get(); //admin角色
//        TRole userRole = tRoleRepository.findById(2).get(); //user角色
//        TAuthority readAuth = tAuthorityRepository.findById(1).get();
//        TAuthority writeAuth = tAuthorityRepository.findById(2).get();
//        //设置角色和权限对应关系
//        List<TAuthority> authoritiesAdmin = new ArrayList<>();
//        authoritiesAdmin.add(readAuth);
//        authoritiesAdmin.add(writeAuth);
//        adRole.getAuthorities().addAll(authoritiesAdmin);
//        //
//        List<TAuthority> authoritiesUser = new ArrayList<>();
//        authoritiesUser.add(readAuth);
//        userRole.getAuthorities().addAll(authoritiesUser);
//        //设置用户和角色对应关系
//        usrA.getRoles().addAll(new ArrayList<>(Arrays.asList(adRole)));
//        usrB.getRoles().addAll(new ArrayList<>(Arrays.asList(userRole)));
//         TAuthority wite = tAuthorityRepository.findById(2).get();
//         TRole writer = new TRole();
//         writer.setRoleName("writer");
//         writer.getAuthorities().add(wite);
//         tRoleRepository.save(writer);
        //获取当前用户名
        return Resp.ok("hello, This is " + authentication.getName() + authentication.getAuthorities().toString());
    }
}
